{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2024-5629","assignerOrgId":"a39b4221-9bd0-4244-95fc-f3e2e07f1deb","state":"PUBLISHED","assignerShortName":"mongodb","dateReserved":"2024-06-04T13:49:31.496Z","datePublished":"2024-06-05T14:32:56.435Z","dateUpdated":"2025-02-13T17:54:22.106Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:mongodb:python_driver:0.4:pre:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.5:pre:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.5.1:pre:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.5.2:pre:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.5.3:pre:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.6:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.7:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.7.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.7.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.8:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.8.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.9:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.9.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.9.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.9.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.9.4:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.9.5:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.10.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.10.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.10.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.11:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.11.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.11.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.11.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.12:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.13:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.14:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.14.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.14.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.15:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.15.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.15.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:0.16:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.1.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.1.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.2.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.4:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.5:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.5.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.5.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.6:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.7:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.8:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.8.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.9:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.10.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:1.11:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.0.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.1.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.2:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.2:rc1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.2.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.3:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.3:rc1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.4:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.4.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.4.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.5:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.5.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.5.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.6:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.6.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.6.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.6.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.7:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.7:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.7:rc1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.7.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.7.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.8:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.8:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.8:rc1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.8:rc2:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.8.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.9:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.9:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.9.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.9.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.9.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.9.4:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:2.9.5:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3:b0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3:b1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3:rc1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.0.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.0.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.0.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.1:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.1:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.1.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.2:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.2:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.2.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.2.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.3.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.3.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.4:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.4.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.5.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.5.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.6:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.6.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.6.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.7.0:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.7.0:b0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.7.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.7.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.8.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.9.0:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.9.0:b0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.9.0:b1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.10.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.10.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.11.0:-:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.11.0:b0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.11.0:b1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.11.0:rc0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.11.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.11.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.11.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.11.4:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.12.0:b0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.12.0:b1:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.12.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.12.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.12.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:3.13.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.0.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.0.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.0.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.1.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.1.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.2.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.3.2:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.3.3:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.4.0:b0:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.4.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.4.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.5.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.6.0:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.6.1:*:*:*:*:mongodb:*:*","cpe:2.3:a:mongodb:python_driver:4.6.2:*:*:*:*:mongodb:*:*"],"defaultStatus":"unaffected","product":"PyMongo","vendor":"MongoDB Inc","versions":[{"lessThanOrEqual":"4.6.2","status":"affected","version":"0","versionType":"custom"}]}],"datePublic":"2024-06-05T14:32:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<span style=\"background-color: rgb(255, 255, 255);\"><span style=\"background-color: rgb(255, 255, 255);\">An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.</span></span><br>"}],"value":"An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":4.7,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:L","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-125","description":"CWE-125: Out-of-bounds Read","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"a39b4221-9bd0-4244-95fc-f3e2e07f1deb","shortName":"mongodb","dateUpdated":"2024-06-17T13:05:51.315Z"},"references":[{"tags":["release-notes"],"url":"https://jira.mongodb.org/browse/PYTHON-4305"},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00007.html"}],"source":{"discovery":"EXTERNAL"},"title":"Out-of-bounds read in bson module of PyMongo","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-06-05T20:52:39.427569Z","id":"CVE-2024-5629","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-05T20:52:59.238Z"}},{"title":"CVE Program Container","references":[{"tags":["release-notes","x_transferred"],"url":"https://jira.mongodb.org/browse/PYTHON-4305"},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00007.html","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00032.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-09-16T23:02:28.936Z"}}]},"dataVersion":"5.1"}